DarktraceEmail
This pack includes configurations to combine the world-class threat detection of Darktrace with the synchrony and automation abilities of XSOAR, allowing security teams to investigate critical incidents along with accompanying summaries and timelines.
Network Security · Darktrace
Configuration parameters
url— Server URL (e.g. https://example.net) (required)isFetch— Fetch incidentsinsecure— Trust any certificate (not secure)proxy— Use system proxy settingsincidentType— Incident typepublicApiKey— Public API Token (required)privateApiKey— Private API Token (required)min_score— Minimum Score (required)max_fetch— Maximum Emails per Fetchfirst_fetch— First fetch timeincidentFetchInterval— Incidents Fetch Intervaltag_severity— Darktrace Tag Severityactioned— Only Actioned Emailsdirection— Direction
Commands (3)
-
darktrace-email-get-emailFetch details about a specific Email.
-
darktrace-email-hold-emailApply "hold" action to a specified Email.
-
darktrace-email-release-emailApply "release" action to a specified Email.